Senior Security Engineer

It's fun to work in a company where people truly BELIEVE in what they're doing!

Fullsteam is a leading provider of vertical software and embedded payments technology dedicated to helping businesses flourish by providing their customers with seamless experiences. With a dynamic and growing team of over 1,900 employees, we are committed to driving innovation and delivering best-in-class software and payment solutions that empower small and medium-sized businesses across numerous industries. Our purpose is to help our customers grow their businesses and delight their customers. Join us and be a part of a forward-thinking company that values growth, excellence, and the success of our clients.

​​​This position is part of the Fullsteam InfoSec Team which is directly responsible for working with Business Units and Fullsteam Corporate on security initiatives and response.​​ 

​​At Fullsteam, we're committed to protecting our digital assets and delivering the highest standard of security across our business. As we continue to scale our security programs, we're looking for a passionate security professional to join our Proactive Security team. 

​We're a small, high-ownership team tackling vulnerability and risk exposure across a broad surface; infrastructure, applications, software, AI systems, and external attack surface. This isn't a ticket queue role; you'll have real ownership across the full vulnerability lifecycle, contribute to automation and tooling, and work directly alongside security leadership. If you thrive in a fast-paced environment and want to help shape a growing VM program, we want to hear from you.​ 

Primary Responsibilities: 

• ​​Contribute to and help mature our vulnerability management program, ensuring identified risks are remediated according to SLAs across the enterprise and business units 

• ​Identify and report known vulnerabilities across infrastructure (cloud and on-prem), applications, software, AI systems, and external attack surface 

• ​Monitor external attack surface exposures and contribute to remediation prioritization 

• ​Produce vulnerability metrics, trending reports, and risk summaries for security leadership and business unit stakeholders 

• ​Support alignment of the VM program with industry regulations and standards (PCI-DSS, SOC2, NIST CSF, ISO 27001) 

• ​Collaborate with Security, IT, and BU Engineering teams to drive effective and measurable vulnerability and risk exposure outcomes 

• ​Contribute to risk management and governance functions (e.g., risk register, key metrics, vulnerability reports) 

• ​Develop and contribute to AI-assisted HITL (Human in the Loop) automation and workflows for Proactive Security initiatives 

• ​Collaborate with and learn alongside other Proactive Security team members​ 

Skills & Competencies: 

• ​​8+ years of Information Technology / Security experience with 2-4+ years of hands-on experience in vulnerability management, attack surface management, or related security functions 

• ​Working knowledge of security tools such as Wiz, Snyk, Qualys, Nessus, MS Defender, or similar platforms 

• ​Experience with vulnerability prioritization frameworks (CVSS, EPSS, risk-based scoring) 

• ​Experience with application security testing concepts and tools (SAST, DAST, IAST, Burp Suite, Postman, GitHub, etc.) 

• ​Basic scripting or programming experience in any language, or a strong desire to develop this skill 

• ​Ability to produce clear, actionable security reporting for both technical and non-technical audiences 

• ​Hands-on experience with AI-assisted security workflows (prompt engineering, agent development, MCP tooling) 

• ​Experience developing or contributing to process documentation 

• ​Ability to work independently in a fully remote environment while managing multiple concurrent priorities 

• ​Experience working in a multi-business-unit or enterprise environment 

• ​Genuine curiosity and desire to grow​ 

Minimum Qualifications: 

• ​​​CISSP or equivalent certification (GIAC, CISM, CRISC) 

• ​Bachelor’s degree in cybersecurity or equivalent work experience 

• ​Hands-on Defensive or Offensive security training or work experience 

• ​Project management knowledge, training and/or certifications 

Base Salary Range: $122,254 - $130,000 USD

Fullsteam supports an inclusive workplace that values diversity of thought, experience, and background. Fullsteam is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state, or local law.